ISE - Extracted Master Password from Memory

Hello 1Password.
I found this article from the Independent Security Evaluators (ISE).
https://www.securityevaluators.com/casestudies/password-manager-hacking/

In short, they were able to extract the master password, secret key and individual items and respective passwords from memory. It was done either when 1Password was in an unlocked state or locked state. The only way to clear memory was to exit out of the application totally.

It doesn't say how the sync was made (families, teams, Dropbox, etc.) but I don't think it matters as what they had done was in the memory of the host machine.

If this is true, will it be fixed in future updates? Also, is this something present in other operating systems (macOS, OS X, iOS, Android)?

Thank you.


1Password Version: 7.2.576
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: Not Provided

Comments

  • Greg

    Team Member

    Hi @JOeMTC,

    We have a big discussion about this research paper here. Please feel free to join and read the responses from our Chief Defender Against the Dark Arts, Jeff Goldberg, in that discussion.

    Let me know if you have any other questions. Thanks! :+1:

    Cheers,
    Greg

  • Thank you!

  • Greg

    Team Member

    @JOeMTC: You are always welcome! :+1:
